| #
f4873ebd |
| 21-Sep-2020 |
Daniel Stenberg |
krb5: merged security.c and krb specific FTP functions in here
These two files were always tightly connected and it was hard to
understand what went into which. This also allows us to ma
krb5: merged security.c and krb specific FTP functions in here
These two files were always tightly connected and it was hard to
understand what went into which. This also allows us to make the
ftpsend() function static (moved from ftp.c).
Removed security.c
Renamed curl_sec.h to krb5.h
Closes #5987
show more ...
|
| #
6ebe63fa |
| 26-Aug-2020 |
Daniel Stenberg |
options: API for meta-data about easy options
const struct curl_easyoption *curl_easy_option_by_name(const char *name);
const struct curl_easyoption *curl_easy_option_by_id (CURLo
options: API for meta-data about easy options
const struct curl_easyoption *curl_easy_option_by_name(const char *name);
const struct curl_easyoption *curl_easy_option_by_id (CURLoption id);
const struct curl_easyoption *
curl_easy_option_next(const struct curl_easyoption *prev);
The purpose is to provide detailed enough information to allow for
example libcurl bindings to get option information at run-time about
what easy options that exist and what arguments they expect.
Assisted-by: Jeroen Ooms
Closes #5365
show more ...
|
| #
790137b0 |
| 31-Jul-2020 |
Cameron Cawley |
win32: Add Curl_verify_windows_version() to curlx
Closes https://github.com/curl/curl/pull/5754
|
|
Revision tags: curl-7_71_1, curl-7_71_0 |
|
| #
6011a986 |
| 03-May-2020 |
Peter Wu |
vtls: Extract and simplify key log file handling from OpenSSL
Create a set of routines for TLS key log file handling to enable reuse
with other TLS backends. Simplify the OpenSSL backend
vtls: Extract and simplify key log file handling from OpenSSL
Create a set of routines for TLS key log file handling to enable reuse
with other TLS backends. Simplify the OpenSSL backend as follows:
- Drop the ENABLE_SSLKEYLOGFILE macro as it is unconditionally enabled.
- Do not perform dynamic memory allocation when preparing a log entry.
Unless the TLS specifications change we can suffice with a reasonable
fixed-size buffer.
- Simplify state tracking when SSL_CTX_set_keylog_callback is
unavailable. My original sslkeylog.c code included this tracking in
order to handle multiple calls to SSL_connect and detect new keys
after renegotiation (via SSL_read/SSL_write). For curl however we can
be sure that a single master secret eventually becomes available
after SSL_connect, so a simple flag is sufficient. An alternative to
the flag is examining SSL_state(), but this seems more complex and is
not pursued. Capturing keys after server renegotiation was already
unsupported in curl and remains unsupported.
Tested with curl built against OpenSSL 0.9.8zh, 1.0.2u, and 1.1.1f
(`SSLKEYLOGFILE=keys.txt curl -vkso /dev/null https://localhost:4433`)
against an OpenSSL 1.1.1f server configured with:
# Force non-TLSv1.3, use TLSv1.0 since 0.9.8 fails with 1.1 or 1.2
openssl s_server -www -tls1
# Likewise, but fail the server handshake.
openssl s_server -www -tls1 -Verify 2
# TLS 1.3 test. No need to test the failing server handshake.
openssl s_server -www -tls1_3
Verify that all secrets (1 for TLS 1.0, 4 for TLS 1.3) are correctly
written using Wireshark. For the first and third case, expect four
matches per connection (decrypted Server Finished, Client Finished, HTTP
Request, HTTP Response). For the second case where the handshake fails,
expect a decrypted Server Finished only.
tshark -i lo -pf tcp -otls.keylog_file:keys.txt -Tfields \
-eframe.number -eframe.time -etcp.stream -e_ws.col.Info \
-dtls.port==4433,http -ohttp.desegment_body:FALSE \
-Y 'tls.handshake.verify_data or http'
A single connection can easily be identified via the `tcp.stream` field.
show more ...
|
| #
14c17a2b |
| 07-May-2020 |
Daniel Stenberg |
ngtcp2: introduce qlog support
If the QLOGDIR environment variable is set, enable qlogging.
... and create Curl_qlogdir() in the new generic vquic/vquic.c file for
QUIC function
ngtcp2: introduce qlog support
If the QLOGDIR environment variable is set, enable qlogging.
... and create Curl_qlogdir() in the new generic vquic/vquic.c file for
QUIC functions that are backend independent.
Closes #5353
show more ...
|
| #
ed35d659 |
| 02-May-2020 |
Daniel Stenberg |
dynbuf: introduce internal generic dynamic buffer functions
A common set of functions instead of many separate implementations for
creating buffers that can grow when appending data to t
dynbuf: introduce internal generic dynamic buffer functions
A common set of functions instead of many separate implementations for
creating buffers that can grow when appending data to them. Existing
functionality has been ported over.
In my early basic testing, the total number of allocations seem at
roughly the same amount as before, possibly a few less.
See docs/DYNBUF.md for a description of the API.
Closes #5300
show more ...
|
|
Revision tags: curl-7_70_0 |
|
| #
2522903b |
| 14-Apr-2020 |
Bjorn Stenberg |
mqtt: add new experimental protocol
Closes #5173
|
|
Revision tags: curl-7_69_1, curl-7_69_0 |
|
| #
330f1332 |
| 17-Feb-2020 |
Daniel Stenberg |
rename: a new file for Curl_rename()
And make the cookie save function use it.
|
| #
6357a19f |
| 16-Jan-2020 |
Daniel Stenberg |
polarssl: removed
As detailed in DEPRECATE.md, the polarssl support is now removed after
having been disabled for 6 months and nobody has missed it.
The threadlock files used by
polarssl: removed
As detailed in DEPRECATE.md, the polarssl support is now removed after
having been disabled for 6 months and nobody has missed it.
The threadlock files used by mbedtls are renamed to an 'mbedtls' prefix
instead of the former 'polarssl' and the common functions that
previously were shared between mbedtls and polarssl and contained the
name 'polarssl' have now all been renamed to instead say 'mbedtls'.
Closes #4825
show more ...
|
| #
6773c7ca |
| 05-Jan-2020 |
Daniel Stenberg |
wolfSSH: new SSH backend
Adds support for SFTP (not SCP) using WolfSSH.
Closes #4231
|
|
Revision tags: curl-7_68_0 |
|
| #
9b879160 |
| 08-Nov-2019 |
Michael Forney |
TLS: add BearSSL vtls implementation
Closes #4597
|
| #
1f6a1868 |
| 17-Nov-2019 |
Jay Satiro |
lib: Move lib/ssh.h -> lib/vssh/ssh.h
Follow-up to 5b2d703 which moved ssh source files to vssh.
Closes https://github.com/curl/curl/pull/4609
|
|
Revision tags: curl-7_67_0 |
|
| #
bc2dbef0 |
| 04-Oct-2019 |
Daniel Stenberg |
socketpair: an implemention for Windows and more
Curl_socketpair() is designed to be used and work everywhere if there's
no native version or the native version isn't good enough.
socketpair: an implemention for Windows and more
Curl_socketpair() is designed to be used and work everywhere if there's
no native version or the native version isn't good enough.
Closes #4466
show more ...
|
|
Revision tags: curl-7_66_0 |
|
| #
5b3be072 |
| 27-Aug-2019 |
Tatsuhiro Tsujikawa |
ngtcp2: Build with latest ngtcp2 and ngtcp2_crypto_openssl
Closes #4270
|
| #
5b2d703f |
| 16-Aug-2019 |
Daniel Stenberg |
vssh: create directory for SSH backend code
|
| #
d6cb1bdf |
| 13-Aug-2019 |
Daniel Stenberg |
lib/quic.c: unused - removed
|
| #
3af0e76d |
| 21-Jul-2019 |
Daniel Stenberg |
HTTP3: initial (experimental) support
USe configure --with-ngtcp2 or --with-quiche
Using either option will enable a HTTP3 build.
Co-authored-by: Alessandro Ghedini <alessandro@
HTTP3: initial (experimental) support
USe configure --with-ngtcp2 or --with-quiche
Using either option will enable a HTTP3 build.
Co-authored-by: Alessandro Ghedini <alessandro@ghedini.me>
Closes #3500
show more ...
|
|
Revision tags: curl-7_65_3, curl-7_65_2, curl-7_65_1 |
|
| #
deb9462f |
| 02-Jun-2019 |
Daniel Stenberg |
wolfssl: refer to it as wolfSSL only
Remove support for, references to and use of "cyaSSL" from the source
and docs. wolfSSL is the current name and there's no point in keeping
refer
wolfssl: refer to it as wolfSSL only
Remove support for, references to and use of "cyaSSL" from the source
and docs. wolfSSL is the current name and there's no point in keeping
references to ancient history.
Assisted-by: Daniel Gustafsson
Closes #3903
show more ...
|
|
Revision tags: curl-7_65_0 |
|
| #
060f870b |
| 30-Mar-2019 |
Po-Chuan Hsieh |
altsvc: Fix building with cookies disables
ALTSVC requires Curl_get_line which is defined in lib/cookie.c inside a #if
check of HTTP and COOKIES. That makes Curl_get_line undefined if CO
altsvc: Fix building with cookies disables
ALTSVC requires Curl_get_line which is defined in lib/cookie.c inside a #if
check of HTTP and COOKIES. That makes Curl_get_line undefined if COOKIES is
disabled. Fix by splitting out the function into a separate file which can
be included where needed.
Closes #3717
Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com>
show more ...
|
| #
2f44e94e |
| 05-Apr-2019 |
Daniel Stenberg |
pipelining: removed
As previously planned and documented in DEPRECATE.md, all pipelining
code is removed.
Closes #3651
|
|
Revision tags: curl-7_64_1 |
|
| #
e1be8254 |
| 03-Mar-2019 |
Daniel Stenberg |
alt-svc: the libcurl bits
|
| #
76a9c3c4 |
| 26-Feb-2019 |
Daniel Stenberg |
Secure Transport: no more "darwinssl"
Everyone calls it Secure Transport, now we do too.
Reviewed-by: Nick Zitzmann
Closes #3619
|
|
Revision tags: curl-7_64_0, curl-7_63_0 |
|
| #
302d125b |
| 30-Oct-2018 |
Daniel Stenberg |
axtls: removed
As has been outlined in the DEPRECATE.md document, the axTLS code has
been disabled for 6 months and is hereby removed.
Use a better supported TLS library!
axtls: removed
As has been outlined in the DEPRECATE.md document, the axTLS code has
been disabled for 6 months and is hereby removed.
Use a better supported TLS library!
Assisted-by: Daniel Gustafsson
Closes #3194
show more ...
|
|
Revision tags: curl-7_62_0 |
|
| #
31ba404a |
| 10-Sep-2018 |
Yiming Jing |
configure.ac: add a MesaLink vtls backend
|
|
Revision tags: curl-7_61_1 |
|
| #
fb30ac5a |
| 05-Aug-2018 |
Daniel Stenberg |
URL-API
See header file and man pages for API. All documented API details work
and are tested in the 1560 test case.
Closes #2842
|
